From owner-freebsd-questions@FreeBSD.ORG  Thu May 25 11:22:45 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9D4D316A56D
	for <freebsd-questions@freebsd.org>;
	Thu, 25 May 2006 11:22:45 +0000 (UTC)
	(envelope-from xfb52@dial.pipex.com)
Received: from smtp-out3.blueyonder.co.uk (smtp-out3.blueyonder.co.uk
	[195.188.213.6])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0812F43D66
	for <freebsd-questions@freebsd.org>;
	Thu, 25 May 2006 11:22:40 +0000 (GMT)
	(envelope-from xfb52@dial.pipex.com)
Received: from [172.23.170.136] (helo=anti-virus01-07)
	by smtp-out3.blueyonder.co.uk with smtp (Exim 4.52)
	id 1FjDvL-0003i6-Dg; Thu, 25 May 2006 12:22:39 +0100
Received: from [80.192.58.58] (helo=[192.168.0.2])
	by asmtp-out6.blueyonder.co.uk with esmtp (Exim 4.52)
	id 1FjDvK-000747-Pf; Thu, 25 May 2006 12:22:38 +0100
Message-ID: <4475937E.50306@dial.pipex.com>
Date: Thu, 25 May 2006 12:22:38 +0100
From: Alex Zbyslaw <xfb52@dial.pipex.com>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.13) Gecko/20060515
X-Accept-Language: en
MIME-Version: 1.0
To: Lars Stokholm <lars.stokholm@gmail.com>
References: <44746E97.5070309@messias.qhigh.com>	<6B6CF4191FA8FD14F86DAB74@Paul-Schmehls-Computer.local>	<4474F496.8070708@webanoide.org>
	<a5eea06e0605250349m46ab7226rc54f4089c79aef18@mail.gmail.com>
In-Reply-To: <a5eea06e0605250349m46ab7226rc54f4089c79aef18@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: upload-only ftp server
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 May 2006 11:22:45 -0000

Lars Stokholm wrote:

> On 5/25/06, Mikhail Goriachev <mikhailg@webanoide.org> wrote:
>
>> Yeah, I agree. I forced my users to use SFTP through FileZilla on
>> windows. They actually think they're using FTP instead of SFTP. So
>> everyone is happy including me.
>
>
> Isn't it a problem that they can't be chrooted?

You could look at rssh which can restrict logins to just sftp and I 
believe allows chrooting.  Of course, with such a shell you can't then 
log in to Unix normally.  Proftpd will let you configure just about 
everything and can limit cd, for example, and might do what's required.  
Configuration is pretty mind-boggling, though, and always leaves me with 
the nagging doubt that I didn't get everything right, so testing always 
takes longer too :-(  I'm not sure I'd recommend it unless it did really 
did have a feature that was required.

--Alex